What are your data preservation requirements? If you are setting up an archive, chances are you need to find out. The challenge is that finding a reliable list of legal and regulatory requirements for data preservation sounds a lot easier than it is.
Sungard, a purveyor of hot site services a decade or so back, had someone who was dedicated to maintaining a list of regulatory requirements for data preservation. Circa 2008, the list looked like this:
In that year, analysts were projecting that some $70B had been spent on regulatory compliance, mostly on the use of consulting servies to identify relevant laws and regulations and to establish rention policies. At the time, the big problem confronting firms was that they were discovering a need to dip into the till again to develop compliant deletion policies.
Alas, the list has not been kept up to date since I last checked, and finding a coherent compilation of data preservation requirements via Internate search engines is a pain. The concept of data preservation to satisfy regulatory requirements is conflated with lots and lots of rants from folks who, rightly or wrongly, believe that their government, internet service provider or telco are collecting information about them and preserving it for use against them at some future date.
Clearly, different market verticals have different data retention/preservation requirements. There are also state and national rules and regulations to consider, especially in Europe where the movement to enable on-request identity erasure from corporate and governmental databases has gathered steam.
Watch this space to learn about additional post-2008 retention and deletion rules as we uncover them. And if you or your business are required to retain certain types of data because of a regulation or law, please use the comment section to let us know. We hope to have a full listing of all regulations and legal requirements related to data preservation and deletion for use by DMI members and visitors.